package com.ht.sps.nh.module;

import com.alibaba.fastjson.JSON;
import com.ht.sps.bui.model.SimpleTreeNode;
import com.ht.sps.dao.UserDao;
import com.ht.sps.nh.entity.TreeMenu;
import com.ht.sps.nh.entity.User;
import com.ht.sps.nh.service.NhUserService;
import com.ht.sps.nh.service.TreeMenuService;
import com.ht.sps.util.ValidationUtil;
import com.octo.captcha.service.CaptchaServiceException;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresGuest;
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.subject.Subject;
import org.nutz.dao.Cnd;
import org.nutz.integration.shiro.realm.NutDaoRealm;
import org.nutz.ioc.loader.annotation.Inject;
import org.nutz.ioc.loader.annotation.IocBean;
import org.nutz.lang.Strings;
import org.nutz.lang.Times;
import org.nutz.mvc.annotation.*;
import org.nutz.web.ajax.Ajax;
import org.nutz.web.ajax.AjaxReturn;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.http.HttpServletRequest;
import java.util.*;

@IocBean
@At("nh/system/changePassword")
public class ChangePasswordModule {
    private static final Logger log = LoggerFactory.getLogger(ChangePasswordModule.class);

    @Inject
    private UserDao userDao;

    @Inject
    private NhUserService nhUserService;

    /**
     *
     */
    @At("/")
    @Ok("th:nh/system/changePassword")
    public void index(HttpServletRequest request) {
        log.debug("进入修改密码窗口");
    }

    /**
     * 修改用户密码
     * @param password
     * @return
     */
    @At
    @Ok("fastjson")
    public AjaxReturn changePassword( @Param("newPassword") String password) {
        Subject currentUser = SecurityUtils.getSubject();
        NutDaoRealm.ShiroUser user = (NutDaoRealm.ShiroUser) currentUser.getPrincipal();
        RandomNumberGenerator rng = new SecureRandomNumberGenerator();
        String salt = rng.nextBytes().toBase64();
        String hashedPasswordBase64 = new Sha256Hash(password, salt, 1024).toBase64();
        if (user.getId() > 0) {
            nhUserService.updatePassword(user.getId(), hashedPasswordBase64, salt);
        }

        return Ajax.ok();
    }

    /**
     * 判断密码是否正确
     * @param password
     * @return
     */
    @At
    @Ok("fastjson")
    public Object checkPassword(@Param("password")String password){
        Subject currentUser = SecurityUtils.getSubject();
        NutDaoRealm.ShiroUser user = (NutDaoRealm.ShiroUser) currentUser.getPrincipal();
        User loginUser = nhUserService.fetch(user.getId());
        String hashedPasswordBase64 = new Sha256Hash(password, loginUser.getSalt(), 1024).toBase64();
        return loginUser.getPassword().equals(hashedPasswordBase64);
    }

}